17.2 Default Security Parameters – Requirement 2

Select Reports > Portal > Repository > Standard Content > PCI > PCI Reports > Requirement 2:Default Security Parameters.

PCI Requirement 2 addresses the use of vendor-supplied default settings, such as passwords and account names. These are known values and can be exploited by malicious users. While devices and firewalls installed by IT administrators might follow strong security processes, users who install software and add devices might not follow good security practices.

Use the following reports to check for default security parameters in your environment.

Default Vendor Accounts

Reports default vendor accounts by username. The table provides results by the IP address and name of the device, the vendor’s name, the account name, and quantity.

Internal PCI Systems to External

Reports the internal PCI systems that communicate directly with external systems. PCI standards expect that your enterprise can justify this type of traffic. The table provides results by the IP address of the source system, destination system, and the device; the destination port; the protocol used; and the number of events.

Misconfigured Systems

Reports systems with the most misconfiguration events reported in your environment. The table provides results by IP address and name of the misconfigured system, the name of the event, and number of events.

In general, the most common vulnerability in your environment is misconfigured operating systems, frameworks, libraries, and applications. Misconfigurations include missing security patches or updates, incomplete or ad hoc configurations, use of insecure default configurations, poorly configured HTTP headers, and error messages that contain sensitive information.

Network Routing Configuration Changes

Reports the configuration changes to network routing by IP address. The table provides results by the device changed, the type of change, number of events detected, and date of the most recent event.

Personal Firewall Installed

Reports all personal firewalls found in the network. The table lists the IP address and name of the system hosting the personal firewall, as well as the most recent time that the firewall was detected.

Private IP Addresses Disclosure

Reports the RFC1918 IP addresses that communicate with public IP addresses. The table provides results by IP addresses of the source system, destination system, and device; the protocol used; and the number of events.

Software Inventory

Reports the software found by IP address and host name.

Unauthorized Inbound Traffic to Card Holder Data Environment

Reports the system with the most unauthorized traffic. The table provides results by the IP addresses for the device, the source system, and the destination system; the affected port; the protocol used; and number of events.

Unencrypted Administrative Accesses

Reports the accounts that have had unencrypted administrative access events. The table provides results by the IP address and name of the host, the affected account, the port used, the affected process, and the number of events.

VPN Configuration Changes

Reports changes to the configuration files of VPN devices. The table provides results by the IP address of the VPN, the product and name, the number of events, and the most recent time that the device was changed.